The folks at iPhone Islam have discovered a bug that bypasses the lock screen on the iPhone 3GS, 4 and 4S. Demonstrated in a three-minute YouTube video, the flaw is simple to exploit with some patience and grants unauthorized access to the handset's full contact list, recent calls and favorites, along with being able to make standard or FaceTime calls.
The hack requires you to return a missed call through the iOS notification screen while the device is searching for a network. The video notes this is easier to accomplish if you're in an area with no signal, but you can repeatedly eject and reinsert the SIM card to achieve a similar effect. If timed properly, the handset will unlock itself to the phone application.
In a separate development, Cult of Mac reports that iPatch has found a security hole allowing an attacker to sidestep the lock screen and access an iPhone's pictures. Normally, when an iOS 5 device is locked, you can access the camera application to take pictures from the secured state, but you can't view previously taken shots without entering a code.
However, iPatch is able to access the iPhone 4's camera roll sans authorization by briefly removing its battery (requires you to undo two screws to slide off the rear cover). Once the device reboots, you toggle to the front-facing camera (assuming it's not selected already) and open sesame: you can view all the photos. It's unknown if this works on the iPhone 4S.